Application Security Engineer Lead

INFORMATION SECURITY ENGINEER IVWHAT IS THE OPPORTUNITY?

The Application Security Lead is responsible for addressing legacy and emerging security issues, and implements repeatable secure development practices to reduce the introduction of program design flaws that may lead to exploitation.

As issues are uncovered, the Application Security Lead communicates with the appropriate technical and leadership teams to ensure a focus on risk mitigation
– allowing for business continuity, but without negligent risk.

This position is also responsible for assessing the security of internally developed, third party developed, commercial off the shelf (COTS), and open source software applications.

This includes performing architecture reviews to steer projects in the right direction early, participating in security code reviews, and performing penetration testing against products prior to shipping.WHAT YOU WILL BE DOING?

• Manage a small team of Application Security Engineers and Analysts
• Create threat models and leverage them to prioritize resource allocation
• Consult, advise or oversee the secure design and configuration requirements of key application projects to ensure compliance with bank and regulatory standards
• Develop and oversee strategic initiatives designed to identify and reduce the attack surface across applications and systems
• Educate and train application teams on security topics and skills to build strong relationships within the development community
• Collaborate with security groups such as red teams, threat intelligence and risk management to form a holistic team dedicated to thwarting attackers and reducing attack surface WHAT WE REQUIRE?

• 7+ years of relevant experience / area of expertise
• 1-3 years of people management experience
• BA/BS Degree or equivalent combination of training and experience
• Experience with Information Security practices and frameworks (NIST, CIS, CSA, etc.)
• Experience with at least one of the following cloud providers: AZURE, AWS, or GCP
• Maintains one or more relevant certifications (SANS GPEN, SANS GWAPT, SANS GMOB, ISC2 CISSP, ISC2 CSSLP.

etc.)
• Strong written and verbal communication skills, as well as the ability to work well with a diverse mix of stakeholdersSkills and Knowledge Demonstrated experience with one or more enterprise security platforms Demonstrated experience as lead engineer in the design, implementation and support in a complete enterprise IT environment Demonstrated knowledge of secure build and configuration standards in a highly regulated environment Excellent communication and interpersonal skills.

Including a strong ability to create positive and professional business relationships with partner engineering and architecture teams across IT Strong commitment to working as a team and providing excellent customer service.

Masters’ degree in business, computer science or related field preferred Security certifications (CISSP, GSEC, etc.) are highly desired.

System administration certifications (CCNA, MCSA, etc.) highly desired Formalized training and mastery in security platform or product *To be considered for this position you must meet at least these basic qualificationsThe preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification.

It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.INCLUSION AND EQUAL OPPORTUNITY EMPLOYMENTCity National Bank is an equal opportunity employer committed to diversity and inclusion.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or any other basis protected by law.ABOUT CITY NATIONALWe start with a basic premise: Business is personal.

Since day one we’ve always gone further than the competition to help our clients, colleagues and community flourish.City National Bank was founded in 1954 by entrepreneurs for entrepreneurs and that legacy of integrity, community and unparalleled client relationships continues to drive phenomenal growth today.

City National is a subsidiary of Royal Bank of Canada, one of North America’s leading diversified financial services companies.Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled

Related Post